i just found out that my url filtering software web sense license had expired about a couple of months ago ... till i get my license renewed, i want to know if there is any temporary fix i can achieve by using extended acl's on cisco router and deny access to specific websites
Scenario: Branch Router (Billion) --> ISP WAN --> Our Core Router (Cisco 2821) --> Internet
Example: i want to block web access to http://vasi.net
... while doing nslookup, i found site's public i.p to be 22.214.171.124 .. how and which interface shud i apply the acl to deny web access from the branch's I.P (which my core router knows about ) to this i.p ?
Would it be
access-list 101 deny tcp x.x.x.x y.y.y.y host 126.96.36.199 eq 80
access-list 101 deny tcp x.x.x.x y.y.y.y host 188.8.131.52 eq 443
access-list 101 permit ip any any
and apply it to the inside interface of core router (which connects to ip wan) ?